I completely agree with everything you've said.
And I'd add that you probably WANT this patent to succeed. It's FANTASTIC resume fodder to have a patent with your name on it.
Today a DBA came to me and asked why the partition filled up. I had to drill into Oracle to find the answer (Oracle trace files. Let's just say I've worked with smarter DBAs). Was that snooping? Granted, that was in the realm of solving a problem.
As an email admin, I've routinely seen subject lines of emails that made me raise eyebrows. It was almost always in the context of looking for a missing email. Is that snooping?
Personally, I'd REALLY like to see the data. 1) What does '300 Senior IT Professionals' mean? 2) I'd REALLY like to see the survey questions asked.
I often tell people that, as a sysadmin, if you don't trust me, fire me now, and escort me out the building. I have more than enough power to do irrevocable damage to the company.
If you would like to read excerpts from his prepared speech, you can get it here (and links to the full thing):
http://amywelborn.wordpress.com/2008/01/17/what-can-a-pope-say/
I think you might be pleasantly surprised by what you find there.
Most states (in the US) have what are called 'at will' laws. The short version is that either party can cease working there 'at will'. The 2 week notice is a courtesy to make hand off of job responsibilities reasonable.
Check into this in your state... the 3 months requirement certainly sounds harsh, and possibly illegal.
Of course, this only applies to Full Time employees. Contractors are another matter.
Yes, he was largely doing things that were IO bound, on a platform that's notorious for having bad IO performance (a laptop).
But, there were some IO changes. I haven't run the numbers to see if they were statistically significant changes, but tests that show improvements in such a 'poor case' scenario are useful...
Leach?
The promise of FOSS is that you get the source code to do what you want with it. No matter who you are. If you make changes, and distribute them (assuming the GPL), you have to distribute your code changes as well.
They (your Oil Company) are taking the code, compiling it, and using it as it was intended. That's not leeching.
The license cuts both ways. There's no requirement to pay for it. Whether you're some kids in your garage, saturating your parents' DSL line to upload data to YouTube, or a multinational oil company saturating a bunch of OC-3 lines.
Would it be 'nice' of them to contribute back? Sure. But we can't speak ill of them for not (Though I'd be willing to bet that there are a few code patches coming from said Multinational Oil).
If that's the case, you can up the security significantly by installing a nice, managed, client side firewall. I've only worked with Symantec for this service, but I'm sure there are others. Something that actually lets you limit the IP address ranges you can access, rather than 'this program can get to the internet, and this one can't'.
You can control their DNS server, but not the other data/programs on the systems?
You might then be better off using a client side proxy, but I offer this piece of advice: If you can't trust your users to use their computers responsibly, why hire them?
(Unless you're in a kiosk situation, in which case this DNS based solution is nowhere near sufficient...)
I haven't tried it, but you could probably set up a top level wild card domain, and force responses in it to be NXDOMAIN.
BIND v9 has a great Administrators Reference (bv9arm.pdf I think) that you should download and study if you want to do something like this. http://www.isc.org/sw/bind/arm93/Bv9ARM.pdf
Though you're probably better off looking into something like SQUID or some other internet proxy to do this internet access limitation... it will be more flexible.
I guess it depends on how important your data is. That solution doesn't give protection in the case of a house fire or theft.
Discipline in backups is key... my personal failing is taking the second hard drive to the office.
We as individuals are kinda screwed. The best thing is to keep a rolling hard drive set:
Get two large hard drives, keep one off site (safe deposit box, at the office, whatever). Use each to get a regular (monthly or so?) backup of all your data.
As the size of hard drives increases, keep getting new ones (or use multiple in each of your two sets).
Once every 2-3 years or so, re-evaluate everything.
On the enterprise level, it's a LITTLE easier... certain tape and drive makers promise compatibility for 7-10 years. And EMC has their Sentera (sp?) product line which they promise upgrades and compatibility for the next 30 years... but these things are rather expensive.
What are your needs?
There are 3 kinds of 'backups' out there. Disaster Recovery, User Protection, and Archival.
Disaster Recovery provides protection for 'this building isn't here anymore'. Requires an 'off site' copy of all the data, that's kept up to date regularly. Usually this is a combination of 'full', 'incremental' and maybe 'differential' backups. Or it could be a full, real time, copy of the data (if you have the $$$$$$ to support this). Direct backup to (cheap) disks works well for this, or tapes (which are easier to take off site).
User Protection provides protection for 'uh... I dropped this table from the database last week, but this monthly process is still expecting it... can we get it recovered?' type situations. This requires regular backups of your data, and the copies are kept for a relatively significant piece of time (6 months? a year?). Tapes are almost always used for this.
Archive backups are what's required when, say, the IRS says 'keep payroll tax data for 7 years'. Depending on the size of the data, CDs/DVDs may be a good choice, or often tape.
A real backup strategy has to deal with all these issues, while keeping the cost down. Real backups cost a LOT of real money.
--Jason
Not strictly speaking cube design, but relevant if you're re-designing an office:
Stand up meetings.
Tables that stand at about 4.5 ft tall (average elbow height for an average sized adult), that force people to stand and interact with each other. Intel uses this idea, and from what I've heard it's really effective at shortening meeting times, since it's less comfortable. And shorter meetings are a good thing.
--Jason
This is what it is. It's an analysis of passwords, obtained by a script kiddie's phishing site. The author makes no claims to 'analysing the strength of every myspace password' or some such. All the information you need to analyze his results is right there.
He didn't 'choose' to study this... the data fell into his hands, and he offered analysis.
This is a great little 'news for nerds' thing. The author says he has this data, he's smart enough not to publish it (just the analysis), he gives some interesting results from raw analysis of the 'data'. Take the story for what it is: Sunday morning on Slashdot.
Lord Ender says:
It seems strange to me that a copyright lawyer hasn't heard of the fair use rights granted by US copyright law (Title 17, section 107).
The person asking the legal question is better informed than the lawyer!
In response, Ray Beckerman (Lawyer) says:
You don't know what you are talking about.
Ray: Slashdot groupthink usually reaches for the Fair Use Doctrine to justify ripping music to Mp3 and using it. Saying "You don't know what you're talking about" isn't a very satisfying answer.
I would love to hear, even in brief, a discussion of why Fair Use does not apply to these cases. It seems that you started to answer this question below with how Russia and the US have different laws about what copies are allowed, and which aren't, however, I'm not understanding what is allowed here in the US from your point of view.
Thanks!
He hints around what I propose a lot[1], but he doesn't go there for some reason. His solution is to reform the system that has been broken for a long time, with what sounds like 'entrenched' problems.
My suggestion is to fork. You mention several good people and code. Open a new project (BSDPortable?), tempt the good people over there, and move on.
In my experience, the 'bad elements' very rarely remove themselves...
[1] Dragonfly BSD, Xorg, etc
Accusation is not guilt. We may never know if these issues have merit. They might have great merit, and got him fired for whistle blowing. They might be without merit, and this is the last straw to break an overly paranoid engineer's employment.
It all hinges on the merit of the claims, which we can't validate.
You're right... As you state, that should have been /21.
That's what I get for posting pre-coffee.
You state that you're a midsized company, yet you're using a full internet class b, a private class A (10.*), 16 class b's (172.16.*), and a class B (192.168.*).
That's more IP addresses than a major technical college I know uses. Unless you're a pretty major ISP, that's crazy. MAJOR companies often make do with a decent number of internet routable IPs, and a lot of NAT.
Lesson one: Learn NAT (aka IP masquerade)
NAT lets you have 1 firewall that offers internet access to lots of other computers. Thousands of computers sit comfortably behind a single internet gateway.
Lesson two: learn subnetting.
Just because RFC1918 says that 10.x is a class A private range, doesn't mean that you have to route it as a class A... Subnet it. Internally, define 10.1.1.x as a server range. Set up a complex site with several (~5 or so) as 10.0.8.0/29 for example. That would give a site 8 Class C ranges to play with, and it's great for route summarization... which leads me to:
Lesson three: learn routing.
After you've subnetted the world, you have to route between it. Cisco makes lots of money selling these devices. You probably should have some (or use Juniper... they do the same thing[1]). Use static routes. Use dynamic routes. But set it up. Which leads me to:
Lesson four:
There are reasons that networking geeks are around. Let us deal with these problems. Your world will be much more stable.
Now, I can imagine some reasons that you are validly using that many IP addresses, and utilizing the concepts/technologies I've mentioned above... but they're a bit of a stretch. Most likely, this whole thing has been set up willy-nilly, and is overdue for an overhaul.
--Jason
[1] But you don't have to use true 'routers'... if that term means anything today... If you're routing around a switched environment, most reasonably manageable switches let you configure static and dynamic routing.
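An added example (not part of the original comment) working through the subnetting and routing lessons above with Python's ipaddress module: it checks how many /24 ranges a prefix holds, so the /21 from the author's own correction gives the eight ranges described where a /29 holds only eight addresses, and it shows that summarization depends on alignment. The site layout, route table and next-hop names are constructed for illustration.

```python
import ipaddress

# The three private blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(prefix):
    """True if the whole prefix sits inside one RFC 1918 block."""
    net = ipaddress.ip_network(prefix)
    return any(net.subnet_of(block) for block in RFC1918)


def address_count(prefix):
    """Total addresses covered by a prefix."""
    return ipaddress.ip_network(prefix).num_addresses


def slash24_count(prefix):
    """How many /24 ('Class C' sized) ranges fit inside the prefix."""
    net = ipaddress.ip_network(prefix)
    return 2 ** (24 - net.prefixlen) if net.prefixlen <= 24 else 0


def site_subnets(first_third_octet, count=8):
    """Constructed site plan: `count` consecutive /24s inside 10.0.0.0/16."""
    return [ipaddress.ip_network(f"10.0.{first_third_octet + i}.0/24")
            for i in range(count)]


def summarize(subnets):
    """Fewest prefixes that cover exactly these subnets (route summarization)."""
    return [str(n) for n in ipaddress.collapse_addresses(subnets)]


# Constructed static route table: prefix -> next hop (names are hypothetical).
ROUTES = {
    "10.0.8.0/21": "site-a-router",   # one summary route for the whole site
    "10.1.1.0/24": "server-core",     # the server range from the comment
    "0.0.0.0/0": "nat-gateway",       # everything else leaves through NAT
}


def next_hop(routes, address):
    """Longest-prefix match, the rule a router applies to a route table."""
    addr = ipaddress.ip_address(address)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in routes.items()
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


if __name__ == "__main__":
    print("10.0.8.0/29:", address_count("10.0.8.0/29"), "addresses,",
          slash24_count("10.0.8.0/29"), "x /24")
    print("10.0.8.0/21:", address_count("10.0.8.0/21"), "addresses,",
          slash24_count("10.0.8.0/21"), "x /24")
    # Eight /24s starting on a multiple of 8 collapse to a single route...
    print("aligned site:   ", summarize(site_subnets(8)))
    # ...but the same eight /24s starting at 10.0.12.0 need two routes.
    print("misaligned site:", summarize(site_subnets(12)))
    for host in ("10.0.13.7", "10.1.1.20", "198.51.100.9"):
        print(host, "->", next_hop(ROUTES, host))
```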
if (percent_pink_pixels(image) >= 70%)
...
flag_as_porn(image);
endif
Step1: use silly algorithm
Step2:
Step3: PROFIT!
1) Get COPIES of the root passwords to the local hardware. Set up a patching scheme. Detail a non-intrusive patching schedule. Most admin machines are pretty out of date (since they often need to be used during the patching window, etc.)
2) Find ways to consolidate resources that are stashed on the admins' local boxes onto servers. All the data/services that the admin boxes provide, that end up being critical to the business [1]. Any NFS mounts or what not should be moved to a big raid5 volume, and shared out from there. Be sure to give these admins write access to it as needed.
[1] for example, there's not an NTP server around at my office, so a workstation is running it. It's stupid, but I haven't had time to fix it right.
Not quite.
Raid 5 is fantastic in read heavy environments. Mathematically speaking it will perform nearly to the level of either RAID10 or RAID01 (only slower because the controller has 2 disks to choose from when reading RAID10... it'll use the more idle one). In write heavy environments (like most DBs, especially transactional ones) the 'write, read, read, read (...), calculate parity, write' cycle can eat you alive.
RAID3 is a waste of time, unless you're serving HUGE files that will only be accessed sequentially (ex: full length movies). In almost all cases, RAID5 is ALWAYS superior to RAID3 (raid5 spreads the parity information across all disks, raid3 only uses one disk for it).
The only difference in performance between RAID10 and RAID01 is restore time. Everything else comes out a tie. RAID10 takes an even number of disks (for example: 10), makes #/2 (5 in this case) mirrored pairs of disks (5 whole disk raid1 volumes) and then concatenates them together with raid0. Raid01 takes an even number of disks, makes 2 raid0 volumes, and then mirrors the large volumes.
The reason RAID10 is better for restores is you only have to sync 1 disk worth of data to restore one failed drive. In RAID01 you have to resync the whole volume to validate it (in general).
There are several options on 'master/slave' that can be done. The easiest involves shared storage (2 boxes tied to 1 disk controller... box A goes down, box B notices, imports the disks, mounts them, starts the DB, and you're back). You only lose any transaction that was 'in progress' at failure time.
Any time you add HA to something, you're adding complexity, and usually a fair bit of it. That's a trade off you need to consider (as is the extra price for software/hardware and support for the solution).
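An added example (not from the original comment) that models one RAID5 stripe with XOR parity and counts the disk I/Os a single-block write costs, next to the resync sizes for RAID10 and RAID01 described above. The block contents, the 4+1 disk layout and the reading of 'whole volume' as one RAID0 half of the mirror are assumptions made for the illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the RAID5 parity."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


class Raid5Stripe:
    """One stripe: N data blocks plus one parity block, with I/O counters."""

    def __init__(self, data_blocks):
        self.data = list(data_blocks)
        self.parity = xor_blocks(self.data)
        self.reads = 0
        self.writes = 0

    def write_reconstruct(self, index, new_block):
        """The cycle from the comment: write the block, read every other
        data block, calculate parity, write parity."""
        self.data[index] = new_block
        self.writes += 1
        others = []
        for i, block in enumerate(self.data):
            if i != index:
                others.append(block)
                self.reads += 1
        self.parity = xor_blocks(others + [new_block])
        self.writes += 1

    def write_read_modify(self, index, new_block):
        """Alternative small-write path: read old data and old parity,
        then write new data and new parity."""
        old_block = self.data[index]
        self.reads += 2  # old data block + old parity block
        self.parity = xor_blocks([self.parity, old_block, new_block])
        self.data[index] = new_block
        self.writes += 2

    def rebuild(self, lost_index):
        """Recover a failed disk's block from the survivors and parity."""
        survivors = [b for i, b in enumerate(self.data) if i != lost_index]
        return xor_blocks(survivors + [self.parity])


def write_costs(data_blocks, index, new_block):
    """(reads, writes) for one small write under each scheme."""
    costs = {}
    for method in ("write_reconstruct", "write_read_modify"):
        stripe = Raid5Stripe(data_blocks)
        getattr(stripe, method)(index, new_block)
        # Parity must still let us recover the block we just wrote.
        assert stripe.rebuild(index) == new_block
        costs[method] = (stripe.reads, stripe.writes)
    costs["mirror"] = (0, 2)  # RAID1/10: write both halves, no reads
    return costs


def resync_disks(layout, total_disks):
    """Disks' worth of data copied after one drive fails."""
    if layout == "raid10":
        return 1                  # only the failed disk's mirror partner
    if layout == "raid01":
        return total_disks // 2   # the whole RAID0 side that lost a member
    raise ValueError(f"unknown layout: {layout}")


# Constructed sample data: four data blocks on a 4+1 RAID5 set.
SAMPLE = [b"AAAA", b"BBBB", b"CCCC", b"DDDD"]

if __name__ == "__main__":
    for scheme, (reads, writes) in write_costs(SAMPLE, 1, b"bbbb").items():
        print(f"{scheme:18} reads={reads} writes={writes}")
    for layout in ("raid10", "raid01"):
        print(layout, "resync:", resync_disks(layout, 10), "disk(s)")
```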
New toys: 1) iPod. 2) Shure e2c noise isolating headphones.
Together, they block out 80-90% of the sound distractions. People come up, see the headphones, and re-evaluate if they should interrupt me. Many still do, but some back off and send an email.
It also helps my slight ADD nature since I don't hear conversations near me that slightly affect me, so I don't get involved in them.
This doesn't help email and IM, but it's a good start.
(paraphrase) "Celestial Navigation works on the principle that the Earth is the center of the universe. The assumption is wrong, but the navigation works. A flawed model can still produce useful results."
All models are oversimplifications. Even our models of molecules pretend that atoms are solid spheres... This doesn't mean that the models are useless.
That said, only time will tell how useful this model is.